Figure 784. Running a Docker container Slide presentation
docker run --detach  \ 
  --name openldap \
  -p 389:389 \ 
  --env LDAP_ORGANISATION="Betrayers heaven" \ 
  --env LDAP_TLS=false \
  --env LDAP_DOMAIN="" \
  --env LDAP_ADMIN_PASSWORD="secret" \
  --env LDAP_CONFIG_PASSWORD="secret" \ 
  --volume ~/OpenLdap/Data:/var/lib/ldap \
  --volume ~/OpenLdap/Config:/etc/ldap/slapd.d \

Run the container and detach its process from the current shell. This will start a background process.

The container's name to appear i.e. in a Docker listing:

docker container ls

CONTAINER ID        IMAGE                  ...  PORTS                           NAMES
e82c438cda24        osixia/openldap:1.4.0  ...>389/tcp, 636/tcp   openldap

Bind the containers port 389 to the host system's port 389.

The organisation's name e.g. HdM Stuttgart.

We currently do not require transport layer security.

The organisation's domain name. The corresponding DIT's root will be dc=betrayer,dc=de.

The DIT's administrator password corresponding to the bind DN cn=admin,dc=betrayer,dc=com. This grants full access to the DIT starting at node dc=betrayer,dc=com.

The server configuration tree's administrator password corresponding to an entirely distinct tree starting at cn=config. This tree among with its top level node of objectclass olcGlobal having RDN cn=config represents the server's configuration including:

  • Schema classes.

  • Access rules (permissions).

  • Logging configuration.

  • Search index definitions.

  • Database backend parameters.

LDAP_CONFIG_PASSWORD corresponds to the bind DN cn=admin,cn=config granting full access to the server's configuration tree.

The docker host system's pre - existing directories ~/OpenLdap/Data and /~/OpenLdap/Config will be mounted to the container's directories /var/lib/ldap and /etc/ldap/slapd.d respectively. Thus the OpenLdap server's back

end databases will reside on the docker host system's file system. This allows for e.g. deleting and restoring the container without loosing data.

This way your local server's database and the server's log files will exist outside your Docker container. This is not strictly required but allows to remove and re-install your container independently of its database.


On windows make sure to execute from inside the Linux Sub System. This will allow for efficient file system access.

The docker image name and version as being published on


Figure 785. Using docker-compose Slide presentation
version: '3.7'
        image: osixia/openldap:1.4.0
        container_name: openldap
        restart: always
            LDAP_ORGANISATION: "Betrayers heaven"
            LDAP_TLS: "false"
            LDAP_DOMAIN: ""
            LDAP_ADMIN_PASSWORD: "secret"
            LDAP_CONFIG_PASSWORD: "secret"
            - 389:389
            - ~/OpenLdap/Data:/var/lib/ldap
            - ~/OpenLdap/Config:/etc/ldap/slapd.d

Figure 786. Installing Apache Directory Studio Slide presentation

Figure 787. Administrator access to your DIT Slide presentation

Figure 788. Administrator access to your server's data tree Slide presentation

Figure 789. Administrator access to your server's configuration Slide presentation